1. Technical Field
The present invention relates generally to an apparatus for analyzing the vulnerability of a wireless Local Area Network (LAN) and, more particularly, to technology that provides a method in which the administrator of an IEEE 802.11-based wireless LAN monitors the state of the wireless LAN using a mobile terminal and directly makes a wireless attack against the network, thereby analyzing the vulnerability of the wireless LAN that is being managed by the administrator.
2. Description of the Related Art
IEEE 802.11-based wireless LAN technology is being widely used in homes, companies and public networks because the technology enables terminals to use networks inexpensively and rapidly without requiring wired connections.
In particular, as notebook computers equipped with wireless LAN cards, smart phones, and tablets are being widely used, users can use various types of Internet-based application services, such as web surfing, news access, social networking services, and e-mail exchange, at any time and in any place.
Meanwhile, as high-speed technology, such as 802.11n and 802.11ac, and security-enhanced wireless LAN technology, such as 802.11i and 802.11w, have appeared, more secure and more convenient wireless LAN technology has become available.
However, even when security enhancement technology is applied to a wireless LAN, vulnerabilities attributable to the characteristics of wireless technology still remain.
Unlike wired technology, wireless technology is problematic in that anybody can access a wireless network and in that a wireless network is exposed to various types of attacks (e.g., falsification of an address, tapping, and the forging of packets) because it is difficult to find the actual physical location of a network access point.
In order to safely manage wireless LANs that are subject to such various attacks, there are various conventional technologies.
First, a method using WIDS/WIPS sensors is used to detect and handle intrusions. These sensors operate at fixed locations, where they continuously collect wireless LAN packets, detect attacks, and handle the detected attacks.
Second, a method of analyzing and managing a network using a portable terminal is used. This terminal has a form that can be easily carried by an administrator, and functions to collect wireless LAN packets at a location desired by the administrator, check the state of a network, and determine whether the quality of the network is normal. Some products include the function of the above-described sensors.
Third, there is a method in which an attack function has been added to the second technology and thus the vulnerability of a network can be checked. In connection with this, Korean Patent No. 0520103 discloses a vulnerability analysis system including SSID modification attack and 802.1x-based denial-of-service (DoS) attack functions.
The first and second methods cannot determine which attacks a currently established system is vulnerable to, because they do not actively make attacks while checking the states of the system and the network.
Meanwhile, although the third method is advantageous in that an administrator can analyze the vulnerability of a system in an active manner, it is disadvantageous in that the number of attacks is limited and it has no function for operating in conjunction with other systems (such as an AP, an intrusion detection sensor, and a server).
As a result, there is a need for the development of technology that is capable of stably managing wireless LANs that are subject to various attacks.